<?php

class Authpermission extends AppModel {

    var $useTable = 'authresources_authusergroups';
    var $belongsTo = array(
        'Authresource' => array(
            'className' => 'Authresource',
            'foreignKey' => 'authresource_id',
            'conditions' => '',
            'fields' => '',
            'order' => ''
        ),
        'Authusergroup' => array(
            'className' => 'Authusergroup',
            'foreignKey' => 'authusergroup_id',
            'conditions' => '',
            'fields' => '',
            'order' => ''
        )
    );

    function addedit($groupname, $resourcename, $allow) {
        if (empty($groupname) || empty($resourcename))
            return INSUFFICIENT_PARAMETERS;

        $usergroup_id = $this->getUserGroupId($groupname);
        $resource_id = $this->getResourceId($resourcename);

        if (empty($usergroup_id) || empty($resource_id)) {
            return NON_EXISTANT_NAME;
        }
        if (!$allow)
            $allow = false;

        $this->recursive = -1;
        $arr_permission = $this->find('first', array('conditions' => array('authusergroup_id' => $usergroup_id, 'authresource_id' => $resource_id)));
        if (!empty($arr_permission)) {
            $permission_id = $arr_permission['Authpermission']['id'];
            $field = array('id' => $permission_id, 'authusergroup_id' => $usergroup_id, 'authresource_id' => $resource_id, 'allow' => $allow);
        } else {
            $field = array('authusergroup_id' => $usergroup_id, 'authresource_id' => $resource_id, 'allow' => $allow);
            $this->create();
        }
        if ($this->save($field)) {
            return SUCCESS;
        } else {
            return SAVE_ERROR;
        }
    }

    function deleteData($groupname, $resourcename) {
        if (empty($groupname) || empty($resourcename))
            return INSUFFICIENT_PARAMETERS;
        $usergroup_id = $this->getUserGroupId($groupname);
        $resource_id = $this->getResourceId($resourcename);

        if (empty($usergroup_id) || empty($resource_id)) {
            return NON_EXISTANT_NAME;
        }

        $this->recursive = -1;
        $arr_permission = $this->find('first', array('conditions' => array('authusergroup_id' => $usergroup_id, 'authresource_id' => $resource_id)));
        if (empty($arr_permission)) {
            $permission_id = $arr_permission['Authpermission']['id'];
            if ($this->del($permission_id)) {
                return SUCCESS;
            } else {
                return SAVE_ERROR;
            }
        } else {
            return SUCCESS;
        }
    }

    function listdata($field, $value, $operator, $orderfield, $orderby, $limit, $page, $recursive) {
        if (!$recursive)
            $recursive = -1;
        $order = array();
        $conditions = array();
        if ($orderfield) {
            if (!$orderby) {
                $orderby = "";
            }
            $order = array("Authpermission." . $orderfield . " " . $orderby);
        }
        if ($field) {
            $wildcard = "";
            if (!$operator)
                $operator = "";
            else {
                switch (strtoupper($operator)) {
                    case "=":
                        $operator = "";
                        break;
                    case "!=":
                        $operator = "<>";
                        break;
                    case "<>":
                        $operator = "<>";
                        break;
                    case "LIKE":
                        $operator = "LIKE";
                        $wildcard = "%";
                        break;
                    case "<":
                        $operator = "<";
                        break;
                    case ">":
                        $operator = ">";
                        break;
                    default:
                        $operator = "";
                        break;
                }
            }
            $conditions = array("Authpermission." . $field . " " . $operator => $wildcard . $value . $wildcard);
        }
        if (!$limit) {
            if (!$page)
                $params = array('conditions' => $conditions, 'order' => $order);
            else
                $params = array('conditions' => $conditions, 'order' => $order, 'page' => $page);
        }
        else {
            if (!$page)
                $params = array('conditions' => $conditions, 'order' => $order, 'limit' => $limit);
            else
                $params = array('conditions' => $conditions, 'order' => $order, 'limit' => $limit, 'page' => $page);
        }
        $this->recursive = $recursive;
        $resultsearch = $this->find('list', $params);
        return $resultsearch;
    }

    function getdata($field, $value, $operator, $orderfield, $orderby, $limit, $page, $recursive) {
        if (!$recursive)
            $recursive = -1;
        $order = array();
        $conditions = array();
        if ($orderfield) {
            if (!$orderby) {
                $orderby = "";
            }
            $order = array("Authpermission." . $orderfield . " " . $orderby);
        }
        if ($field) {
            $wildcard = "";
            if (!$operator)
                $operator = "";
            else {
                switch (strtoupper($operator)) {
                    case "=":
                        $operator = "";
                        break;
                    case "!=":
                        $operator = "<>";
                        break;
                    case "<>":
                        $operator = "<>";
                        break;
                    case "LIKE":
                        $operator = "LIKE";
                        $wildcard = "%";
                        break;
                    case "<":
                        $operator = "<";
                        break;
                    case ">":
                        $operator = ">";
                        break;
                    default:
                        $operator = "";
                        break;
                }
            }
            $conditions = array("Authpermission." . $field . " " . $operator => $wildcard . $value . $wildcard);
        }
        if (!$limit) {
            if (!$page)
                $params = array('conditions' => $conditions, 'order' => $order);
            else
                $params = array('conditions' => $conditions, 'order' => $order, 'page' => $page);
        }
        else {
            if (!$page)
                $params = array('conditions' => $conditions, 'order' => $order, 'limit' => $limit);
            else
                $params = array('conditions' => $conditions, 'order' => $order, 'limit' => $limit, 'page' => $page);
        }
        $this->recursive = $recursive;
        $resultsearch = $this->find('all', $params);
        return $resultsearch;
    }

    function checkresource($usergroup_id, $resource_name) {
        if (!$usergroup_id || empty($usergroup_id) || !$resource_name || empty($resource_name))
            return INSUFFICIENT_PARAMETERS;
        return $this->__recursivecheck($usergroup_id, $resource_name);
    }

    function __recursivecheck($usergroup_id, $resource_name) {
        $this->Authusergroup->recursive = -1;
        $arr_usergroup = $this->Authusergroup->find('first', array('conditions' => array('Authusergroup.id' => $usergroup_id)));
        $parent_id = $arr_usergroup['Authusergroup']['parent_id'];
        $this->recursive = 0;
        $arr_permission = $this->find('all', array('fields' => array('Authpermission.authusergroup_id',
                'Authpermission.authresource_id',
                'Authpermission.allow',
                'Authresource.name'),
            'conditions' => array('Authpermission.authusergroup_id' => $usergroup_id)
                )
        );
        if (!empty($arr_permission)) {
            foreach ($arr_permission as $permission) {

                if (strtolower($permission['Authresource']['name']) == strtolower($resource_name) && $permission['Authpermission']['allow'] == 1) {
                    return GRANTED;
                }
                if (strtolower($permission['Authresource']['name']) == strtolower($resource_name) && $permission['Authpermission']['allow'] == 0) {
                    return DENY;
                }
            }
        }
        if (!empty($parent_id)) {
            return $this->__recursivecheck($parent_id, $resource_name);
        } else {
            return DENY;
        }
    }

    function getresources($usergroup_id = null) {
        if (!$usergroup_id || empty($usergroup_id)) {
            return array();
        }
        return $this->__recursivegetresources($usergroup_id);
    }

    function __recursivegetresources($usergroup_id, $arr_allow = array(), $arr_deny = array()) {
        $this->Authusergroup->recursive = -1;
        $arr_usergroup = $this->Authusergroup->find('first', array('conditions' => array('Authusergroup.id' => $usergroup_id)));
        $parent_id = $arr_usergroup['Authusergroup']['parent_id'];

        $this->contain('Authresource');
        $this->Authpermission->recursive = 1;
        $arr_permission = $this->find('all', array('fields' => array('Authpermission.authusergroup_id',
                'Authpermission.authresource_id',
                'Authpermission.allow',
                'Authresource.name'),
            'conditions' => array('Authpermission.authusergroup_id' => $usergroup_id)
                ));
        if (!empty($arr_permission)) {
            foreach ($arr_permission as $permission) {
                if ($permission['Authpermission']['allow'] == true) {
                    array_push($arr_allow, $permission['Authresource']['name']);
                } else {
                    array_push($arr_deny, $permission['Authresource']['name']);
                }
            }
            $arr_allow = array_diff($arr_allow, $arr_deny);
        }

        if (!empty($parent_id)) {
            return $this->__recursivegetresources($parent_id, $arr_allow, $arr_deny);
        } else {
            return $arr_allow;
        }
    }

}

?>